Fuzz testing system for stateful network protocol

A technology of fuzz testing and network protocols, applied in the direction of correct operation testing, etc., can solve the problems that the coverage of protocol fuzz testing is not complete, the test script cannot contain the entire state sequence of the message sequence, and the lack of stateful protocol support, etc., to simplify the operation , to solve the effect of insufficient testing

Active Publication Date: 2015-07-22
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF3 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] The present invention provides a stateful network protocol fuzzy testing system, which solves the problem that the traditional network protocol fuzzy testing framework lacks support for complex and stateful protocols, and the p...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fuzz testing system for stateful network protocol
  • Fuzz testing system for stateful network protocol
  • Fuzz testing system for stateful network protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention will be described in detail below by giving an example of SulleyEX, a network protocol fuzzing testing framework based on a finite state machine.

[0031] SulleyEX proposes a fuzzing testing framework based on a finite state machine based on the insufficiency of existing tools for state transition testing of stateful protocols, and according to the characteristics of stateful network protocols. SulleyEX is mainly divided into test and auxiliary parts. The test part is mainly composed of data generation module and session management module. The auxiliary part is mainly composed of monitor and driver modules, such as figure 2 .

[0032] 1. Data generation module

[0033] The data generation module stores original data samples, fuzzes the original data based on a rule tree algorithm, and generates fuzzy test cases. The data generation module first obtains the original data sample, and then expresses it as a request according to the protocol request...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a fuzz testing system for a stateful network protocol, and solves the problem the traditional network protocol fuzz test frame lacks support on complicated stateful protocols. The fuzz testing system comprises a data generation module, a session management module, a monitor and a driving module; the data generation module is used for storing raw data samples and fuzzing raw data based on a rule tree algorithm to generate fuzz testing cases; the session management module is used for connecting one or more requests defined in the fuzz testing cases into a directed acyclic graph, and then performing fuzz testing specific to each path; the monitor comprises a process monitor and a network monitor; the driving module is used for communicating with a to-be-tested target serve, sending test requests and receiving server response messages.

Description

technical field [0001] The invention relates to a fuzzy testing system for a stateful network protocol, which belongs to the field of fuzzy testing. Background technique [0002] Explanation of terms: [0003] Fuzz testing: Fuzz testing is a specific technique of black box testing, which is getting more and more attention in security testing. Its principle is to input a large amount of malformed data into the target program, and find possible security holes in the tested program by monitoring the abnormality of the tested program. It is a typically automatic or semi-automatic process. [0004] Network protocol fuzz testing: A network protocol refers to a collection of rules that must be followed when exchanging information between peer entities communicating with each other in a computer network. In network protocol fuzzing, it is required to identify the interface of the attack, mutate or generate fuzzy values ​​containing errors, then pass these fuzzy values ​​to a targ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L1/24
CPCH04L1/24
Inventor 胡昌振马锐郭林楠单纯王达光
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap